System and Organization Controls Team Authors and Presents Inaugural AICPA SOC for Cybersecurity Certification

Withum Team Authors and Presents New SOC Training Course: SOC for Cybersecurity Certification

When the AICPA hosted its flagship System and Organization Controls (SOC) for Cybersecurity Certification course, members of WithumSmith+Brown, PC’s SOC Audit Services Group served as lead instructors for the new SOC for cybersecurity training course. This first-of-its-time program was authored by Withum professionals, and seven of our SOC specialists  are among the first CPAs nationwide to earn theSOC for Cybersecurity AICPA digital badge.

What Is a SOC for Cybersecurity Audit?

A market-driven, flexible, and voluntary reporting framework, the SOC for Cybersecurity audit helps organizations communicate their cybersecurity risk management and compliance program, as well as their effectiveness of controls.

Withum’s certified SOC for Cybersecurity team members includes Tony Chapman, partner and SOC Audit practice leader; Anurag Sharma, principal; Jim Bourke, partner, director of advisory practice; Stephanie Fitzgerald, SOC senior manager; Anupam Goradia, SOC senior manager; and Andrea Fernandez, SOC staff auditor. These certifications have earned Withum the distinction of having more authorized SOC specialists with AICPA digital badges that can perform peer reviews on SOC engagements, than any other CPA firm nationwide.


As a leader in SOC and cybersecurity and information security services, Withum has once again distinguished itself – this time as it relates to the new cybersecurity risk management reporting framework,” said Chapman. “Our firm is among the first and has the highest concentration of fully designated SOC professionals authorized to provide peer reviews.
Jim Bourke

AICPA has retained Withum to write, present live and record on-demand viewings of the first SOC for Cybersecurity Certificate training course for SOC Audit professionals. Three of Withum’s professionals, Chapman, Sharma, and Mahoney, served as course authors and presenters. Topics addressed in the AICPA-sponsored course offer an overview of the cyber threat landscape and terminology, various SOC services (SOC 1 & SOC 2 audits), components of a cybersecurity compliance and  risk management program, utilization of criteria to assess an entity’s controls, key steps for performing the cyber risk-management examination and factors to consider while forming the opinion and preparing the practitioner’s report.

SOC for Cybersecurity is a new entity-wide cybersecurity audit that allows organizations to report on their cybersecurity management programs to internal and external stakeholders with credibility. For clients whose cybersecurity risk management programs are mature, an independent third-party firm can perform a comprehensive examination to assess cybersecurity compliance.

For More on SOC for Cybersecurity Services, check out our Cybersecurity FAQ post!

Previous Post

Next Post